The FBI battled Apple for several months in early 2016, attempting to force Apple into decrypting the San Bernardino shooter’s iPhone. Apple, the FBI claimed, was the only company with the ability to unlock the iPhone 5C. Apple firmly denied these claims. Then the Justice Department revealed that a third party hacked the iPhone and Apple was no longer needed.
Speculation ensued; the Justice Department released no relevant names or details as to how the iPhone was unlocked. Yedioth Ahronoth, an Israeli newspaper, eventually reported that the unannounced entity behind the iPhone decryption was a local security firm. The little-known, 17-year-old Israeli firm named Cellebrite Mobile Synchronization was believed to be the culprit.
A Cellebrite representative, in April, revealed that the Israeli company was not behind the decryption. Sources who attended the high-tech crimes conference in Minnesota spoke with The Intercept and the Washington Post confirmed the above. Yossi Carmil, one of Cellebrite’s CEOs, declined to comment regarding the topic.
Reports that Cellebrite was not the company behind the iPhone’s decryption circulated and caused more confusion for interested parties.
Cellebrite rumors started and ultimately revealed bigger, more interesting truths about the company. The company’s researchers, over the last decade, became the FBI’s personal mobile device hackers. Cellebrite has been contracted by the FBI since 2009, according to federal procurement records.
The FBI, however, are not alone in relying on Cellebrite for getting into mobile devices. According to The Intercept, the Israeli company has contracts with the US Drug Enforcement Administration, the Secret Service, and the Department of Homeland Security. Branches of the US military use Cellebrite’s researchers and tools to extract data from phones taken from suspected terrorists. State and local law enforcement agencies across the US have contracts with Cellebrite for the same reason.
“Vendors … are implementing more and more security features into their product, and that’s definitely challenging for us,” says Shahar Tal, director of research at Cellebrite. “But we’ve solved these challenges before [and] we continue to solve these challenges today.”
In July, after the still-unknown third party unlocked the iPhone for the FBI, Cellebrite announced their own solution. The company developed their own method for bypassing iPhone password and fingerprint encryption. Furthermore, the company claimed they would be able to continue bypassing the encryption regardless of upcoming security changes by Apple.
The FBI announced at a press conference in Minnesota that the agency possessed another iPhone in need of decryption. FBI’s Rich Thorton did not disclose details regarding the phone model or when the phone was purchased. “We are in the process of assessing our legal and technical options to gain access to this device and the data it may contain,” Thorton said.
In light of The Intercept’s discovery, something a Cellebrite CEO said in an interview may be of importance: “If it’s going to be done, it’s going to be done in this building,” Cellebrite CEO Yossi Carmil said.